Security/B2G/2013 3 20
Contents
- 1 FirefoxOS Security Team Meeting
- 1.1 News
- 1.2 Current/upcoming Reviews
- 1.3 Goal Status Updates
- 1.3.1 1. FirefoxOS related security reviews (owner: pauljt)
- 1.3.2 2. Document Firefox OS Security (owner: dchan)
- 1.3.3 3. Develop and land tests for security features (owner: dchan)
- 1.3.4 4.Engage communities & third-parties for Firefox OS security review and testing (owner: pauljt)
- 1.3.5 5. Drive OS-layer security improvement (owner: kang)
- 1.3.6 6. Secure app developer/reviewer guidelines/tools (owner: rforbes)
- 1.4 Other Items
FirefoxOS Security Team Meeting
1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2013_2_20
News
Upcoming features:
- interesting paper http://cansecwest.com/slides/2013/Adobe%20Sandbox.pdf
Current/upcoming Reviews
Goal Status Updates
Not here
2. Document Firefox OS Security (owner: dchan)
Mostly done: https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security
Needs work: https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security/Application_security https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Debugging_and_Security_Testing_with_Firefox_OS
3. Develop and land tests for security features (owner: dchan)
Working on finishing up suite 2 https://bugzilla.mozilla.org/show_bug.cgi?id=815105 Fixed up code to work again
4.Engage communities & third-parties for Firefox OS security review and testing (owner: pauljt)
https://docs.google.com/a/mozilla.com/document/d/1_KbifvJMxddhFsNbiHE5AwyNpFnIQNcVcmMkJ_QtvUw/edit#
5. Drive OS-layer security improvement (owner: kang)
- ASLR being reviewed, still needs some work for a cleaner implementation in gecko - Still trying to acquire qualcom sources for unagi
6. Secure app developer/reviewer guidelines/tools (owner: rforbes)
https://docs.google.com/a/mozilla.com/document/d/1DLs1jhTMxN5fh2PSb_O7FDaSadjjAW-MlK1xCBRWGmM/edit#
